quanlt
(millionsun93)
September 12, 2016, 9:39am
1
Hi there.
I’m writing web app and i want to call api from javascript, so i have a problem with CORS, i searched community and found this thread
Hi Alex,
You can return JSONP from endpoints created with a SmartApp or device type (see our Web Services Developer’s Guide for the basics). The trick is to set the response’s content type to something other than JSON (the default). For example, adding the following sections to a SmartApp will define an endpoint that will return a JSONP response that calls the JavaScript function specified in the callback parameter:
preferences {
section("Title") {
input "switches", "capability.switch", title: "Lights & Switches", multiple: true
}
}
mappings {
path("/switches") {
action: [
GET: "listSwitches"
]
}
}
def listSwitches() {
render contentType: "application/javascript", data: "${params.callback}(${switches.collect{[id: it.id, name: it.displayName, status…
But JSONP request works by creating a script tag, therefore i cannot add custom headers (Authorization).
Can i call api from client side by javascript? or i must do it from server?
Thanks!
625alex
(Alex, ActionTiles Control Panel)
September 12, 2016, 5:22pm
2
You can work around it by supplying access_token=abc-123
parameter in the JSONP request.
Note that token exposure is considered to be insecure and SmartThings really frowns upon any access token exposure.
1 Like